CVE-2010-3891

Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do in the administrator interface in IBM OmniFind Enterprise Edition before 9.1 allows remote attackers to hijack the authentication of administrators for requests that add an administrative user via a saveNewUser action.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:omnifind:8.4:-:enterprise:*:*:*:*:*
cpe:2.3:a:ibm:omnifind:8.5:-:enterprise:*:*:*:*:*
cpe:2.3:a:ibm:omnifind:8.0:-:enterprise:*:*:*:*:*
cpe:2.3:a:ibm:omnifind:*:-:enterprise:*:*:*:*:*

Information

Published : 2010-11-12 13:00

Updated : 2018-10-10 13:05


NVD link : CVE-2010-3891

Mitre link : CVE-2010-3891


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

ibm

  • omnifind